hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

8549 Commits

Author SHA1 Message Date
Tom Hvitved
d1755500e4 C#: Data flow through fields 
Initial implementation of data flow through fields, using the algorithm of the
shared data flow implementation. Fields (and field-like properties) are covered,
and stores can be either
 - ordinary assignments, `Foo = x`,
 - object initializers, `new C() { Foo = x }`, or
 - field initializers, `int Foo = x`.

For field initializers, we need to synthesize calls (`SynthesizedCall`),
callables (`SynthesizedCallable`), parameters (`InstanceParameterNode`), and
arguments (`SynthesizedThisArgumentNode`), as the C# extractor does not (yet)
extract such entities. For example, in

```
class C
{
    int Field1 = 1;
    int Field2 = 2;

    C() { }
}
```

there is a synthesized call from the constructor `C`, with a synthesized `this`
argument, and the targets of that call are two synthesized callables with bodies
`this.Field1 = 1` and `this.Field2 = 2`, respectively.

A consequence of this is that `DataFlowCallable` is no longer an alias for
`DotNet::Callable`, but instead an IPA type.
 2019-08-16 15:49:37 +02:00
Calum Grant
0df9a625ba Merge pull request #1717 from hvitved/csharp/ssa/adjacent-perf 
C#: Improve performance of SSA adjacent reads calculation
 2019-08-16 12:11:57 +01:00
Tom Hvitved
b7e732fddb C#: Generalize CFG entry/exit nodes to include field/property initializers 2019-08-16 13:06:51 +02:00
Calum Grant
b28241ac6d Merge pull request #1741 from hvitved/csharp/extract-field-inits 
C#: Extract assignments for field/property initializers
 2019-08-16 11:51:37 +01:00
Tom Hvitved
495e5bc628 C#: Extract assignments for field/property initializers 2019-08-15 16:18:23 +02:00
Calum Grant
3fab5140a7 Merge pull request #1673 from hvitved/csharp/cfg/split-static-limit 
C#: Apply static CFG splitting limit
 2019-08-15 10:04:38 +01:00
Anders Schack-Mulligen
1938ac4937 Java/C++/C#: Sync. 2019-08-14 10:32:15 +02:00
Anders Schack-Mulligen
411bc16f44 Java/C++/C#: Address review comment. 2019-08-13 16:57:48 +02:00
Anders Schack-Mulligen
9e902066ad Java/C++/C#: Elaborate qldoc. 2019-08-13 16:57:48 +02:00
Anders Schack-Mulligen
4550175b16 Java/C++/C#: Add support for BarrierGuards. 2019-08-13 16:57:48 +02:00
Tom Hvitved
36043d04bd Merge pull request #1729 from xiemaisi/data-flow-nodes-location 
Java/C++/C#: Provide path-node locations via `hasLocationInfo`, not `getLocation`.
 2019-08-13 12:22:59 +02:00
Tom Hvitved
e4bd1980ab C#: Search from delegate creation in delegateCallSource() 2019-08-13 10:22:29 +02:00
semmle-qlci
e27b373062 Merge pull request #1548 from hvitved/csharp/cfg/simplify-goto-completions 
Approved by calumgrant
 2019-08-12 19:20:48 +01:00
Max Schaefer
485d4269a0 C#: Fix use of PathNode.getLocation(). 2019-08-12 15:04:37 +01:00
Max Schaefer
eb8087f4ea Java/C++/C#: Provide path-node locations via hasLocationInfo, not getLocation. 2019-08-12 12:52:30 +01:00
semmle-qlci
e890aba4fe Merge pull request #1712 from hvitved/csharp/remove-nomagic 
Approved by calumgrant
 2019-08-12 10:59:10 +01:00
Tom Hvitved
98ab2b26dc C#: Fix bad join-order in guardImpliesNotEqual() 2019-08-12 09:50:17 +02:00
Tom Hvitved
5ecf680cc2 C#: Improve performance of SSA adjacent reads calculation 
- Speedup the `varBlockReaches()` predicate, by restricting to basic blocks
  in which a given SSA definition may still be live, in constrast to just
  being able to reach *any* access (read or write) to the underlying source
  variable.
- Account for some missing cases in the `lastRead()` predicate.
 2019-08-08 16:21:57 +02:00
Tom Hvitved
c1604caa31 C#: Remove two pragma[nomagic] 2019-08-07 16:04:23 +02:00
Tom Hvitved
96e1732f94 C#: Address review comments 2019-08-07 10:41:43 +02:00
Tom Hvitved
6749bbd438 C#: Make use of extra data flow copies 2019-08-07 10:41:43 +02:00
Tom Hvitved
081ee9944d C#: Add more copies of the data flow library 2019-08-07 10:41:39 +02:00
yh-semmle
033879f5a6 Merge pull request #1639 from aschackmull/java/in-out-barriers 
Java/C++/C# DataFlow: Add support for in/out barriers on sources and sinks.
 2019-08-07 01:07:19 -04:00
Tom Hvitved
4774bc969a C#: Apply static CFG splitting limit 
The predicate `maxSplits()` was previously applied dynamically to ensure that
any control flow node would keep track of at most `maxSplits()` number of splits.
However, there was no guarantee that two different copies of the same AST element
wouldn't contain different splits, so in general the number of copies for a given
AST element `e` could be on the order `$\binom{n}{k}c^k$`, where `n` is the total
number of splits that apply to `e`, `k = maxSplits()`, and `c` is a constant.

With this change, the relevant splits for `e` are instead computed statically,
meaning that the order is instead `$c^k$`.
 2019-08-06 11:38:03 +02:00
Calum Grant
2df05090b5 Merge pull request #1685 from hvitved/csharp/dataflow/out-flow-fix 
C#: Fix data flow for `out`/`ref` parameters
 2019-08-06 09:31:17 +01:00
Anders Schack-Mulligen
a80cb262fc Java/C++/C#: Elaborate qldoc. 2019-08-05 16:28:25 +02:00
Anders Schack-Mulligen
9ebb83497d Java/C++/C#: Fix small mistake. 2019-08-05 15:34:12 +02:00
Anders Schack-Mulligen
2dc83c539c Java/C++/C#: Sync dataflow. 2019-08-05 12:07:32 +02:00
Calum Grant
3e143093f0 Merge pull request #1475 from hvitved/csharp/remove-file 
C#: Remove unused `PasswordInConfigurationFile.config`
 2019-08-05 10:29:50 +01:00
Jonas Jensen
73d8bf38a9 Merge pull request #1680 from aschackmull/cookbook/autoformat 
Cookbook examples: Autoformat
 2019-08-05 10:24:56 +02:00
Luke Cartey
54d01bdeff Merge pull request #1648 from hvitved/csharp/unchecked-return-lambda 
C#: Fix false positives in `cs/unchecked-return-value`
 2019-08-02 21:48:38 -07:00
Tom Hvitved
4d58154ff5 C#: Fix data flow for out/ref parameters 2019-08-02 14:25:38 -07:00
Tom Hvitved
04db1bf3f4 C#: Add data flow test for methods with multiple out/ref parameters 2019-08-02 13:46:18 -07:00
Anders Schack-Mulligen
40f2cec0de C#: Autoformat cookbook examples. 2019-08-02 15:30:32 +02:00
Calum Grant
169dbf1be3 C#: Remove rule CA1022, which caused the analyzer to crash, generating a compilation warning (and possibly, instability). 2019-08-02 12:14:03 +01:00
semmle-qlci
108e5bc431 Merge pull request #1675 from hvitved/csharp/xss-path-problem 
Approved by lukecartey
 2019-08-02 04:17:03 +01:00
Tom Hvitved
b7d6165d42 C#: Convert cs/web/xss to a path-problem 2019-08-01 15:58:57 -07:00
semmle-qlci
1d806971ed Merge pull request #1634 from aibaars/cookbook 
Approved by aschackmull, dave-bartolomeo, hvitved, markshannon, xiemaisi, yh-semmle
 2019-07-31 14:31:28 +01:00
Tom Hvitved
5c127ef20d C#: Fix false positives in cs/unchecked-return-value 2019-07-29 17:32:21 -07:00
Tom Hvitved
b6f3f7866b C#: Add more tests for cs/unchecked-return-value 2019-07-29 15:40:22 -07:00
Tom Hvitved
902825f8ac Merge pull request #1564 from calumgrant/cs/no-logger-writethrough 
C#: Disable logger AutoFlush
 2019-07-29 15:20:00 +00:00
Arthur Baars
ccde7cf6cf Add @id to example queries 2019-07-26 17:47:11 +02:00
Arthur Baars
bdce7d07c1 Move 'snippet' queries to 'snippets' folders 2019-07-26 17:47:11 +02:00
Arthur Baars
30860daac4 Add cookbook queries 2019-07-26 17:47:11 +02:00
Anders Schack-Mulligen
6d022aa359 Java/C++/C#: Sync dataflow. 2019-07-26 13:17:12 +02:00
Anders Schack-Mulligen
cd8d16183c Java/CPP/C#: Sync dataflow. 2019-07-22 15:41:37 +02:00
Felicity Chapman
cb48af7395 Update Python and C# help for commented-out code to use common qhelp 2019-07-15 09:26:17 +01:00
Calum Grant
ce12312ff2 C#: Disable the write-through of the logger, as this is a theoretical slowdown, and results in less readable log files when multiple extractors are running concurrently. 2019-07-08 15:58:49 +01:00
Tom Hvitved
f56c17fc77 C#: Fix bad join-orders in lastNonRec() 2019-07-05 07:21:34 +02:00
Tom Hvitved
e6c258c6ba C#: Restructure Completion::isValidFor() 2019-07-05 07:21:34 +02:00